NewsPenguin Threat Actor Unleashes Malicious Attacks on Pakistani Firms
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary A recently identified adversary, referred to as NewsPenguin, has been associated with a sophisticated phishing campaign targeting Pakistani organizations. The attacker employs a highly intricate payload delivery mechanism and leverages the …
OpenSSL Releases Update to Address Several High-Severity Vulnerabilities
Threat Level Vulnerability Report Summary The OpenSSL Project has released fixes for several security flaws, including a high-severity bug (CVE-2023-0286) that could expose users to malicious attacks. The bug is related to a type confusion …
An Authentication Vulnerability Discovered in Jira Service Management Server and Data Center
Threat Level Vulnerability Report Summary A security vulnerability was found in Jira Service Management Server and Data Center (versions 5.3.0 to 5.5.0) which allows an attacker to access a Jira Service Management instance by impersonating another …
Chrome 110 Tackles a Collection of Security Weaknesses
Threat Level Vulnerability Report Summary Google Chrome version 110 is now being rolled out to the stable channels for Windows, Mac, and Linux users. This update includes bug fixes and improvements, specifically addressing security issues such …
The SteelClover Group is Spreading Malware via Google Ads in Japan
Threat Level Attack Report Summary SteelClover is a malicious attack group that has been active since 2019 and has been observed to conduct various attacks for financial gain. SteelClover recently saw a rise in malware downloading …
Trigona Ransomware’s Rampant Threat to Businesses
Threat Level Attack Report Summary Trigona has gained momentum lately due to its utilization of the double-extortion technique of encrypting crucial assets within an organization, including endpoints and infrastructure, and demanding payment of ransom, or else …
Linux Variant of Cl0p Ransomware Discovered with Flawed Encryption Algorithm
Threat Level Attack Report Summary A new variant of the Cl0p ransomware for Linux has been discovered. The executable file in ELF format has a flawed encryption algorithm, which allows for the decryption of the locked …
The ESXiArgs ransomware attack is targeting VMware ESXi servers globally
Threat Level Attack Report Summary A global ransomware attack, known as ESXiArgs, is affecting servers using VMware ESXi hypervisors version 6.x prior to 6.7 due to a vulnerability (CVE-2021-21974) caused by a heap overflow issue in …
Mustang Panda APT targets Europe with customized PlugX malware
Threat Level Actor Report Summary The Mustang Panda APT group has been targeting government and public sector organizations across Asia and Europe since at least 2019. Recently, the group has shifted from using archive files to using …
Actors, Threats and Vulnerabilities 30 January to 5 February 2023
For a detailed threat digest, download the pdf file here Summary Hive Pro discovered four actors that have been active in the past week. The first, Sandworm Team, is a well-known Russian threat actor known for Sabotage …